CS551: Security and Privacy on the Internet, Fall 2000
Manifest: Wednesday 25 October 2000
Assignments Due: 8 November, Project Progress Reports
Readings
Note: For the second half of the course, it will be much more important that you actually do the readings before class as assigned. I will assume you have done so in my lectures, and interesting class discussions will depend on you coming in having thought about the material in the assigned reading.
Read before Monday, 30 October:
Read before 1 November:
- Eugene Spafford, The Internet Worm Program: An Analysis, December 1988.
- Richard Pethia, The Melissa Virus: Inoculating Our Information Technology from Emerging Threats. Testimony before US House Subcommittee on Technology, April 15, 1999.
As you read these papers, think about what things have changed between 1988 and 1999. How has the damage that can be caused by malicious code changed? How have systems become less vulnerable? How have systems become more vulnerable?
Optional additional reading (you will need to read at least one of these for Problem Set 4):
- Gary McGraw and Greg Morrisett, Attacking Malicious Code: A Report to the Infosec Research Council, IEEE Software, September/October 2000. (PostScript)
Each of these papers describes recent work on systems that constrain the behavior of untrusted code. A question on Problem Set 4 will ask you to evaluate one of these systems in terms of the eight design principles in the Saltzer and Schroeder paper (p. 7 - 8). It is recommended that you read the abstract for each of these on-line, and print out and read the entire paper for the one or more that seem most interesting.
- David Evans and Andrew Twyman, Flexible Policy-Directed Code Safety. IEEE Symposium on Security and Privacy, Oakland, California, May 9-12, 1999.
- Li Gong, M. Mueller, H. Prafullchandra, and R. Schemers. Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2. Proceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, California, December 1997.
- George Necula, Proof-Carrying Code. ACM Symposium on Principles of Programming Languages, 1997.
- Dan S. Wallach, Dirk Balfanz, Drew Dean and Edward W. Felten. Extensible Security Architectures for Java. ACM Symposium on Operating Systems Principles, October 1997.
Links
- There were cookies before the web!
- If Multics is so great, how come it was a commercial failure? Richard Gabriel's answer (sort of); Honeywell's bungling.
- Multicians
Questions
- What are some design principles for secure systems?
- How should designers balance tradeoffs between these principles?
- How does virtual memory work?
- What are capabilities? How do they work?
- What are access control lists?
- How have things changed since 1974?
Full MulticsMan Comic
University of Virginia Department of Computer Science CS 551: Security and Privacy on the Internet
David Evans evans@virginia.edu